Defining rights and privileges

This section describes how to configure access management when not using Central Governance.

This section explains the actions you can perform to define user rights and privileges in the Transfer CFT. It begins with this page, which explains user profiles and privileges.

The book is comprised of the following topics:

The security administrator is responsible for identifying all potential Transfer CFT users and their various needs.

Creating the inventory of objects and protection mechanisms

This stage consists of defining action and object domains by creating associations between the basic actions and object types provided.

Defining domains

Initially, there is no relationship between the managed objects and individual user names.

Defining action and object domains is not mandatory. The basic actions and objects may be grouped together directly within categories.

The security administrator also defines the scope of the objects within the action domain.

Defining users

Potential Transfer CFT users must be grouped together by means of user profiles. The security administrator is responsible for:

  • Naming each group, either by basing the Transfer CFT groups on those already defined at operating system level, or via a security utility external to Transfer CFT, or by defining them explicitly
  • Specifying how users will be identified. This operation requires particular care in the case of remote users

Related Links